package com.swn.common.util;



import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.swn.common.base.BaseVO;
import com.swn.common.constants.ICommonConstants;

/**
 * 功能：struts2登录过滤器
 * @author taozhc
 *
 */
public class LoginFilter implements Filter {
	protected FilterConfig filterConfig;
	@SuppressWarnings("rawtypes")
	private List allowedPaths = new ArrayList();

	@SuppressWarnings("unchecked")
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException{
		HttpServletRequest httpRequest = (HttpServletRequest)request;
		HttpServletResponse httpResponse = (HttpServletResponse)response;
		WebContextUtils.init(httpRequest, httpResponse);
		Map<String, Object> user = (Map<String, Object>)httpRequest.getSession().getAttribute(ICommonConstants.LOGIN_USER);
        if(user==null){
        	String requestPath = httpRequest.getServletPath();
	        if(isAllowed(requestPath)){
	        	chain.doFilter(request, response);
	        	return;
	        }
			//对ajax请求的拦截,主要用于页面请求数据的一些按钮操作
			if (httpRequest.getHeader("X-Requested-With") != null
			&& httpRequest.getHeader("X-Requested-With").equalsIgnoreCase(     
			"XMLHttpRequest")) {  
				PrintWriter pw = httpResponse.getWriter();
				httpResponse.setCharacterEncoding("text/html;charset=utf-8");
				httpResponse.setContentType("text/html;charset=utf-8");
				String flag = "9999";
				pw.write(flag);
			}else{
				String contextPath=httpRequest.getContextPath();  
		        //	httpResponse.sendRedirect(contextPath+"/loginAction.action");
		        //	RequestDispatcher dispatcher = request.getRequestDispatcher("index.jsp");
		        //	dispatcher.forward(request,response);
		        //	String contextPath=httpRequest.getContextPath();  
		        //	httpResponse.sendRedirect(contextPath+"/userlogin.action"); 
		        	httpResponse.sendRedirect(contextPath+"/login.jsp");
			}
			return;
        }
        
       /* else{
        	if(!SecurityUtil.isAllow(httpRequest, requestPath)){//判断请求是否有权限
    			String contextPath=httpRequest.getContextPath();  
		        httpResponse.sendRedirect(contextPath+"/pages/login/noSecurity.jsp");//跳转到无访问权限的提示页面
		        return;
    		}
        }*/
        
        chain.doFilter(request, response); 
	}

	@SuppressWarnings("unused")
	public boolean isAllowed(String requestPath){
		for(int i =0; i< allowedPaths.size(); i++){
			String aa = (String)allowedPaths.get(i);
			if(requestPath.matches((String)allowedPaths.get(i)))
				return true;
		}
		return false;
	}
	
	@SuppressWarnings("unchecked")
	public void init(FilterConfig arg0) throws ServletException {
		String allowedPath = arg0.getInitParameter("allowedPaths");
		String[] allowed = allowedPath.split(":");
		for(int i=0; i< allowed.length;i++)
			allowedPaths.add(allowed[i].replaceAll("\\*", ".*"));
	}

	public void destroy(){
		this.filterConfig = null;
	}
}
